NetFort Resources

SQL Server Monitoring

LANGuardian alerts you to anomalous activity that poses a risk to sensitive business data on your SQL Server database infrastructure, helping you to detect fraudulent activity and more easily meet your compliance obligations. You can do all of this with no impact on performance and without needing to redesign your databases or applications.

LANGuardian integrates with Windows and Active Directory (as well as other LDAP providers), enabling you to identify the actual users responsible for all database activity. This creates an audit trail that attributes each audited database transaction to specific users.

Auditing and compliance

Database activity monitoring is critically important for compliance with standards. The Sarbanes-Oxley Act (SOX) requires companies to apply strict internal controls to all systems that affect their ability to produce accurate financial reports, while the Payment Card Industry Data Security Standard (PCI-DSS) requires organizations that process credit card transactions to prevent fraud by monitoring all access to cardholder data. LANGuardian helps you to implement the internal controls and reporting systems that enable you to demonstrate compliance with these standards. You can:

Ensure that databases are queried and updated only through the appropriate applications

Generate alerts whenever an attempt is made to access a database directly or to circumvent SQL Server client application controls

LANGuardian implements an independent and secure audit trail that cannot be modified. Together with its detailed reporting and drilldown capabilities, this allows you to prove compliance with standards such as SOX and PCI-DSS.

Secure and tamper-proof for compliance

All SQL Server activity is stored in the LANGuardian database, a secure, hardened, and tamper-proof database that is completely independent of your SQL Server infrastructure. All database activity is time-stamped, providing a verifiable audit trail that you can use as part of your IT policy and compliance framework.

Because the event repository is independent of your SQL Server infrastructure, you can configure your network so that database administrators do not have access to the log data stored by LANGuardian, and users who have access to LANGuardian do not have access to your SQL Server databases. This enables you to implement separation of duties, a fundamental principle of IT security that is a key requirement for compliance with standards such as Payment Card Industry Data Security Standard (PCI-DSS) and Sarbanes-Oxley (SOX).

How to buy

We offer perpetual and subscription LANGuardian licenses based on the number of users on your network and the number of sensors you want to deploy. Specialized features are provided as optional modules, so you do not pay for them if you do not need them.